The top hackers of China have gathered together this week in Chengdu, the hibiscus city, (actually a sub-provincial city and it even is the capital of the Chinese province, Sichuan.) to finish the Tianfu Cup, which is the top hacking competition held in China. For consecutive two days-November, 16 and 17-these security researchers or the white hat hackers of China will test their skills and abilities against some of the world’s most famous software and hardware.
The focus is on to exploit and take over an app using never before seen exposures. If the attacks are successful, then the researchers earn points towards an overall categorization, cash rewards, and also the fame and reputation that comes after winning a reputable hacking competition.
The hacking competition, which is held in China, is having similar rules to what is seen in Pwn2Own, the bi-annual global hacking contest. These two events are tied more than most people know about them. But however, the hacking contest, which is held over china, is not held on a worldwide basis. It is based mainly on China and focuses on the skills of Chinese security experts.
The primary focus of the Tianfu Cup in China is to take over some of the applications by the hackers and using vulnerabilities that have not been used before.
Before 2018, Pwn2Own was being dominated by the security researchers of China, with various teams winning the competition, but now all these talents are going against one another. Last year, in 2018, during spring, the Chinese government resisted the security researchers from taking part in these hacking contests which are organized at overseas, like Pwn2Own.
The first edition of the Tianfu cup was held in 2018, and with a huge success, where researchers could hack apps like-Edge, Chrome, Safari, iOS, Xiaomi, Vivo, VirtualBox, etc, much more successfully.
Victims of the first day: Chrome, Safari, Edge, Office 365
The first day of the competition was marked too busy, with 32 hacking sessions and was held on Saturday. Out of all these sessions,13 of them were very successful, while 7 of the hacking sessions failed, and in 12 of the sessions, the security researchers deserted the victimization attempts for several reasons.
There were very few vendors present at the Tianfu Cup, but however, many others were present, who were high profile successful exploits, as recorded in the first two editions during the competition.
However, most of the companies will prefer to send a representative from next year onwards. Google already had its members of the Chrome security team present on the site.
Sessions held during the 2nd day: $200,000 was charged for just a VMware Escape.
16 sessions were scheduled for the second day of the competition, out of which only half of them went as planned. Only 7 hacking sessions could succeed because researchers gave up on 8. The last session failed to hit its mark.
The Team 360Vulcan gave up all their attempts to exploit the iOS software, this was a much-awaited session, which was scheduled at the end, to finish the tournament.
However, the Team 360Vulcan could win the competition, by earning $382,500 for all their efforts which were put on for hacking software like Microsoft Edge, Microsoft office 365, Adobe PDF Reader,qemu+Ubuntu and the VMWare Workstation.